<?php
/***********************************************************
	Filename: app/www/control/login.php
	Note	: 会员登录页
	Version : 3.0
	Author  : qinggan
	Update  : 2010-01-08
***********************************************************/
class login_c extends Control
{
	function __construct()
	{
		parent::Control();
		$this->load_model("user");
	}

	function login_c()
	{
		$this->__construct();
	}

	//会员登录界面
	function index_f()
	{
		$b_url = $_SESSION["last_url"] ? $_SESSION["last_url"] : ($_SERVER["HTTP_REFERER"] ? $_SERVER["HTTP_REFERER"] : site_url("index"));
		if($_SESSION["user_id"] && $_SESSION["user_name"])
		{
			error($this->lang["login_exists"],$b_url);
		}
		//登录后的向导
		$leader[0] = array("url"=>site_url("login","",false),"title"=>"会员登录");
		$this->tpl->assign("leader",$leader);
		$this->tpl->display("login.".$this->tpl->ext);
	}

	function ok_f()
	{
		$username = $this->trans_lib->safe("username");
		$password = $this->trans_lib->safe("password");
		$login_url = site_url("login","",false);
		//账号和密码为空时警告
		if(!$username || !$password)
		{
			error($this->lang["login_false_empty"],$login_url);
		}
		//检查会员不存在时的警告
		$rs = $this->user_m->user_from_name($username);
		if(!$rs)
		{
			error($this->lang["login_false_rs"],$login_url);
		}
		//密码检测
		$password = sys_md5($password);
		if($rs["pass"] != $password)
		{
			error($this->lang["login_false_password"],$login_url);
		}
		//检查会员状态的警告
		if(!$rs["status"])
		{
			error($this->lang["login_false_check"],$login_url);
		}
		//检查会员是否被锁定
		if($rs["status"] == 2)
		{
			error($this->lang["login_false_lock"],$login_url);
		}
		//将数据存到session中
		$_SESSION["user_id"] = $rs["id"];
		$_SESSION["user_name"] = $rs["name"];
		error($this->lang["login_usccess"],site_url("index"));
	}

	//取得密码
	function getpass_f()
	{
		if($_SESSION["user_id"])
		{
			error("您已经登录了",$this->url());
		}
		$sitetitle = "取回密码";
		$this->tpl->assign("sitetitle",$sitetitle);
		$array[0]["title"] = "取回密码";
		$this->tpl->assign("leader",$array);
		$this->tpl->display("getpass.".$this->tpl->ext);
	}

	function getpasschk_f()
	{
		$username = $this->trans_lib->safe("username");
		$email = $this->trans_lib->safe("email");
		if(!$username || !$email)
		{
			error("账号或邮箱不允许为空！",$this->url("login,getpass"));
		}
		$rs = $this->user_m->user_from_name($username);
		if(!$rs || $rs["email"] != $email)
		{
			error("账号不存在或是邮箱填写不正确！",$this->url("login,getpass"));
		}
		//
		$this->user_m->create_chkcode($rs["id"],$this->system_time);
		//发送电子邮件通知客户到邮箱取得认证
		$this->load_lib("email");
		$this->email_lib->getpass($rs["id"]);//通知客户修改邮箱
		error("您好，请到您的邮箱中收取密码修改认证页。",$this->url());
	}

	function repass_f()
	{
		$username = $this->trans_lib->safe("username");
		$chkcode = $this->trans_lib->safe("chkcode");
		$this->tpl->assign("username",$username);
		$this->tpl->assign("chkcode",$chkcode);
		$sitetitle = "重设密码";
		$this->tpl->assign("sitetitle",$sitetitle);
		$array[0]["title"] = "重设密码";
		$this->tpl->assign("leader",$array);
		$this->tpl->display("repass.".$this->tpl->ext);
	}

	function update_pass_f()
	{
		$username = $this->trans_lib->safe("username");
		$chkcode = $this->trans_lib->safe("chkcode");
		if(!$username || !$chkcode)
		{
			error("会员账号或验证串不允许为空",$this->url("login,repass"));
		}
		$rs = $this->user_m->user_from_name($username);
		if(!$rs)
		{
			error("账号不存在！",$this->url("login,repass"));
		}
		if($rs["chkcode"] != $chkcode)
		{
			error("验证串不一致，请检查！",$this->url("login,repass"));
		}
		if(($rs["chktime"] - 24*3600) > $this->system_time)
		{
			error("验证串已过期！",$this->url("login,repass"));
		}

		$newpass = $this->trans_lib->safe("newpass");
		$chkpass = $this->trans_lib->safe("chkpass");
		if(!$newpass || !$chkpass)
		{
			error("密码不允许为空！",$this->url("login,repass"));
		}
		if($newpass != $chkpass)
		{
			error("两次输入的密码不一致！",$this->url("login,repass"));
		}
		$pass = sys_md5($newpass);
		$this->user_m->update_pass($pass,$rs["id"]);
		//直接登录
		$_SESSION["user_id"] = $rs["id"];
		$_SESSION["user_name"] = $rs["name"];
		error("会员密码更新成功！",$this->url("usercp"));
	}
}
?>